The cybercriminals then reached out to hospital administrators and demanded money – typically to be transmitted in Bitcoin or other untraceable virtual currency.

Once the payment is confirmed, the attackers provide the hospital with a decryption key to open the files.

It’s not clear when Kansas Heart Hospital paid the money, but this week, its president, Dr. Greg Duick, told reporters that the hackers didn’t live up to their part of the bargain.

Duick said the hospital paid “a small amount” of money but only received partial access, and a demand for additional money for a key to the rest, according to an article in Techspot.

Hospital officials declined to pay the second ransom, deeming it no longer “a wise maneuver or strategy,” Duick is quoted as saying.

At least 14 U.S. hospitals were victims of similar cyber-attacks during a recent six-week stretch this spring.

The MedStar Health chain was particularly hard hit in that wave of ransomware breaches, and operations had still not returned to normal weeks after a March attack targeted networks linked to several of the company’s Maryland- and Washington, D.C.-area hospitals.

The Kansas case marks the second time in recent months that a hospital has publicly acknowledged paying a ransom to hackers.

In February, Hollywood Presbyterian Medical Center disclosed it paid 40 Bitcoin, or about $17,000, to regain access to its records.

As a result, it’s impossible to know how often victims are dissatisfied with the outcomes of paying ransoms to end cyber-attacks.

Cyber-criminals’ recent focus on hospitals offers important clues about the thinking of professional hackers, and hints at other types of organizations and networks that could be similarly vulnerable, said Patrick Upatham, director of threat research at Digital Guardian, a provider of IT security solutions.

“What it comes down to is that there’s definitely no safe business,” he told MSPmentor recently. “Even with cutting edge tools, some of the (malware) variants are not detectible.”

Websites are now required by law to gain your consent before applying cookies. We use cookies to improve your
browsing experience. Parts of the website may not work as expected without them. By closing or ignoring this
message, you are consenting to our use of cookies.